<?php
header("content-type:text/html; charset=utf-8");
session_start();
require_once 'inc/config.php';
require_once 'inc/classes/db.php';
require_once 'inc/classes/template.php';
require_once 'inc/classes/util.php';
require_once 'include/staticdata.php';

$backUrl = $_SERVER['REQUEST_URI'];
if( $backUrl != '' && $backUrl != 'login.php' )
if( !empty($_SESSION['user']) ) {
	header('location: '.$backUrl);
	exit();
}

$gTemplate['templateDir'] = 'templates/';
$gTemplate['leftDelimiter'] = '{';
$gTemplate['rightDelimiter'] = '}';
$tpl = new Template( $gTemplate );
$db  = new db( $gDb );
util::gpc( );

if( $_SERVER['REQUEST_METHOD'] == 'POST' )
{
	$username = trim($_POST['username']);
	$pwd      = trim($_POST['pwd']);
	$user = $db->fetchrow("select * from ".$gDb['prefix']."users where username='$username' and pwd='".md5($pwd)."'");
	if( !empty($user) ) {
		$_SESSION['user'] = $user;
		$now = time();
		$lastip = $_SERVER['REMOTE_ADDR'];
		$db->query("update ".$gDb['prefix']."users set lastip='$lastip',lasttime='$now',lastlogintimes=lastlogintimes+1 where id=".$user['id']);
		if($backUrl != 'login.php') {
			header('location: '.$backUrl);
			exit();
		} 
		header('location: /');
		exit();
	}
	$data['msg'] = '用户名或者密码不正确!';
	$data['username'] = $username;
	$data['pwd'] = $pwd;
	$tpl->assign('data', $data);
}

$tpl->assign('topnav', 	StaticData::getMenuData());
$tpl->assign('smallnav',StaticData::getSmallNav());
$tpl->assign('sort', 	StaticData::getSort());
$tpl->assign('lang',	include('include/lang.php'));

$tpl->display( );